<?php
/*
 * Session variables:
 * $_SESSION['database'] [string] = database name of the current tutorial centre
 * $_SESSION['type'] [string] = user type of the logged in user
 * $_SESSION['authorised'] [boolean] = whether or not the current user is logged in
 * $_SESSION['user'] [string] = the username/ email of the logged in user
 * $_POST['email']
 * $_POST['streetadd1']
 * $_POST['streetadd2']
 * $_POST['cityadd']
 * $_POST['contact_num']
 */
session_start();

if(isset($_POST['submit']) && isset($_SESSION['authorised']) && $_SESSION['authorised'] == true) {
	$host = 'localhost';
	$dbuser = 'postgres';
	$dbpass = 'password';
	$dbname = $_SESSION['database'];
	pg_connect("host='$host' user='$dbuser' password='$dbpass' dbname='$dbname'") or die(pg_last_error());
	$username = $_SESSION['user'];	
	$email = $_POST['email'];
	$streetadd1 = $_POST['streetadd1'];
	$streetadd2 = $_POST['streetadd2'];
	$cityadd = $_POST['cityadd'];
	$contactnum = $_POST['contact_num'];
	$sql = "UPDATE users SET username = '$email', streetadd1 = '$streetadd1', streetadd2 = '$streetadd2', cityadd = '$cityadd', contactnum = '$contactnum' WHERE username = '$username';"; 
	$result = pg_query($sql);
	$_SESSION['user'] = $username;
	$_SESSION['message'] = "Profile successfully changed.";
	header("Location: parent_viewprofile.php");
}
else {
	
	header("Location: index.php");
}
?>
